Entering the Connection Data for the LDAP Server

Use

To use an LDAP server as data source for the UME, you have to specify the data source configuration file to use and provide connection data for the LDAP server. You do this using the LDAP configuration tool.  

Prerequisites

All cluster elements are shut down.

Procedure

       1.      Start the Config Tool by executing <SAPJ2EEEngine_installation>\j2ee\configtool\configtool.bat.

       2.      In the Config Tool, choose UME LDAP data.

       3.      In the Configuration file list box, choose the appropriate configuration file. For a list of the available configuration files for LDAP directories, see LDAP Directory as Data Source.

If the file you require is not there, upload a new configuration file as described in UME LDAP Configuration Tool. For example, you may need to adapt the attribute mapping section of the configuration file, if your LDAP directory does not adhere to the X.500 standard. In this case, you would adapt a copy of an existing configuration file and then upload the adapted file.

If the configuration file already contains some configuration data, this data is displayed in the configuration tool and cannot be overwritten.

       4.      If your configuration file defines more than one LDAP data source, choose the one you want to configure in LDAP data source ID.

       5.      Enter the connection details for your LDAP data source as follows:

| Field Name | Value |
|---|---|
| LDAP server type | Type of the LDAP directory server, for example SUN. For more information on the possible values, see the ume.ldap.access.server_type property at LDAP Directory Data Source. |
| Server name | Host of the LDAP directory server. |
| Server port | Port of the LDAP directory server. |
| User | Distinguished name (DN) of the user that is used to connect (bind) to the LDAP directory server. This user should have read and search permissions for all branches of the LDAP directory. If UME also needs to write to the LDAP directory, the user must additionally have create and change authorizations. |
| Password | Password of the user that is used to connect (bind) to the LDAP directory server. When you enter the password in the Config Tool, it is displayed as asterisks. |
| User path* | Distinguished name of the branch of the directory where information about users is stored. Use the Browse button to browse to the correct path on the LDAP server. |
| Group path* | Distinguished name of the branch of the directory where information about groups is stored. Use the Browse button to browse to the correct path on the LDAP server. |

*If you have a ‘groups in a tree’ hierarchy, the User path and Group path fields must have the same value.

       6.      To test the data you entered:

              -  Choose Test connection to establish a connection with the user ID and password you entered.

              -  Choose Test authentication to establish a connection with a user ID and password that you provide in a dialog box.

 

       7.      To save your entries, choose Apply changes.

       8.      Restart the Java application server.

Example

The following table lists example values to enter when using a Novell eDirectory with a flat hierarchy as LDAP directory. Access to the LDAP directory is read/write. Secure Sockets Layer (SSL) is not used to access the LDAP directory.

| Field name | Value |
|---|---|
| Configuration file | dataSourceConfiguration_novell_not_readonly_db.xml |
| LDAP server type | NOVELL (you do not need to enter this as it is predefined in the configuration file) |
| Server name | myserver |
| Server port | 390 |
| User | cn=admin,o=ume |
| Password | Admin (The password is displayed as asterisks on the screen.) |
| SSL | Not selected |
| User path | o=ume |
| Group path | o=ume |
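
Added example (not part of the SAP documentation and not SAP code): a small offline check of a set of connection data before it is entered in the Config Tool, run here against the example values above. The dictionary keys mirror the field names on this page; parse_dn(), review() and the groups_in_tree flag are hypothetical names, and the DN syntax check is a simplified reading of RFC 4514.

```python
import re

# One RDN: attribute type, "=", then a value with no unescaped special characters
# (a simplified reading of RFC 4514; multi-valued RDNs are not handled).
_RDN = re.compile(r'[A-Za-z][A-Za-z0-9-]*=(?:[^,+"\\<>;=]|\\.)+')

def parse_dn(dn):
    """Return a DN as a list of lower-cased (type, value) pairs, or raise ValueError."""
    parts = [p.strip() for p in re.split(r"(?<!\\),", dn)]
    if not all(_RDN.fullmatch(p) for p in parts):
        raise ValueError(f"malformed DN: {dn!r}")
    return [tuple(s.strip().lower() for s in p.split("=", 1)) for p in parts]

def review(cfg, groups_in_tree=False):
    """Check one set of connection data and return a list of findings."""
    findings, dns = [], {}
    for field in ("User", "User path", "Group path"):
        try:
            dns[field] = parse_dn(cfg[field])
        except ValueError as exc:
            findings.append(f"{field}: {exc}")
    if not 1 <= int(cfg["Server port"]) <= 65535:
        findings.append("Server port: outside 1-65535")
    if not cfg["SSL"]:
        # Without SSL, an LDAP simple bind sends the DN and password unencrypted.
        findings.append("SSL: not selected, bind DN and password are sent unencrypted")
    if "User" in dns and cfg["Password"].lower() == dns["User"][0][1]:
        findings.append("Password: identical to the bind user's name")
    if groups_in_tree and "User path" in dns and "Group path" in dns \
            and dns["User path"] != dns["Group path"]:
        findings.append("Group path: must equal User path for 'groups in a tree'")
    return findings

# Values copied from the Example table on this page.
EXAMPLE = {
    "Server name": "myserver", "Server port": "390",
    "User": "cn=admin,o=ume", "Password": "Admin", "SSL": False,
    "User path": "o=ume", "Group path": "o=ume",
}

if __name__ == "__main__":
    for finding in review(EXAMPLE):
        print(finding)
```

DNs are compared after normalizing case and spacing, so "O=UME" and "o=ume" count as the same path in the 'groups in a tree' check.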

 
